Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 The CeNTIE project is supported by the Australian Government through the Advanced Networks Program of the Department of Communications, Information Technology.

Published byBrent Bennett Modified over 9 years ago

Similar presentations

Presentation on theme: "1 The CeNTIE project is supported by the Australian Government through the Advanced Networks Program of the Department of Communications, Information Technology."— Presentation transcript:

1 1 The CeNTIE project is supported by the Australian Government through the Advanced Networks Program of the Department of Communications, Information Technology and the Arts. Relationship between endpoint contracts and consistency in Service- Oriented Systems Dean Kuo School of Computer Science The e-Science North West Centre The University of Manchester dkuo@cs.man.ac.uk Work completed at CSIRO ICT Centre Australia with Alan Fekete, Paul Greenfield, Surya Nepal 1 The CeNTIE project is supported by the Australian Government through the Advanced Networks Program of the Department of Communications, Information Technology and the Arts.

2 2 The CeNTIE project is supported by the Australian Government through the Advanced Networks Program of the Department of Communications, Information Technology and the Arts. Discussion How do we –Specify Consistency properties Two types of properties –Application dependent –Application independent –Model service endpoint contracts –Verify application protocols defined by endpoint contracts will always maintain consistency Limitations

3 3 The CeNTIE project is supported by the Australian Government through the Advanced Networks Program of the Department of Communications, Information Technology and the Arts. Consistency Properties I Application independent properties –The application protocol will eventually terminate No deadlocks –Always, no service sends or receives any messages once an interaction instance has terminated Leaving messages unprocessed is an indication services may have terminated in incompatible messaging states –Customer service terminates once it sends payment but then receives a late fee invoice Bad design practice if messages are left unprocessed

4 4 The CeNTIE project is supported by the Australian Government through the Advanced Networks Program of the Department of Communications, Information Technology and the Arts. Consistency Properties II Dependent on the application –Termination properties Always, at termination, all services reach an agreed outcome –For example, customer and merchant services agree an item has been delivered and payment has been received. –Intermediate properties Always, payment must be received before goods are shipped Consistency Properties can be formally specified using temporal logic

5 5 The CeNTIE project is supported by the Australian Government through the Advanced Networks Program of the Department of Communications, Information Technology and the Arts. Modeling Endpoint Contracts Model must be sufficiently expressive –Contain enough details to derive if an application defined by two endpoint contracts will always maintain consistency However, the model must be simple –Overly complex models will make it difficult to specify an endpoint contract

6 6 The CeNTIE project is supported by the Australian Government through the Advanced Networks Program of the Department of Communications, Information Technology and the Arts. Endpoint Contracts - WSDL Message exchange patterns (MEPS) –Specifies the in and out messages –Can not specify general message ordering properties Can not specify messages that are optional –Is getting a quote optional or mandatory? –No possibility of deriving whether an application protocol defined by two service contracts will always maintain consistency

7 7 The CeNTIE project is supported by the Australian Government through the Advanced Networks Program of the Department of Communications, Information Technology and the Arts. Endpoint Contracts - BPEL Workflow languages –Easily describe simple message flows Application exceptions can occur at anytime –Asynchronous behaviour is unavoidable E.g. Cancellation However, we need to specify what happens when either party cancels the ordering process –Purchaser Can cancel the process anytime before sending a purchase order to the merchant Can request to cancel an order but the merchant decides if the request is accepted or rejected –Merchant may need to cancel anytime during the ordering process until the sale is closed Rec Quote Req Send Quote Rec Purchase Order Send Confirmation ……..

8 8 The CeNTIE project is supported by the Australian Government through the Advanced Networks Program of the Department of Communications, Information Technology and the Arts. Rec Cust Cancel Req Send Cancel Ack Rec Cust Cancel Req Send Cancel Ack Send Cancel reject Send Merchant Cancel Rec Merchant Cancel Ack What messages are exchanged when customer and provider cancel simultaneously? Rec Quote Req Send Quote Rec Purchase Order Send Confirmation …….. ……… Send Reject Quote

9 9 The CeNTIE project is supported by the Australian Government through the Advanced Networks Program of the Department of Communications, Information Technology and the Arts. Rules based approach Using conditions to specify when messages can be sent and received –Conditions mention what msgs sent and/or received –Used in SSDL Rules framework Upside: simple expression of specifying (esp asynchronous) messaging behaviour Msg: send confirmation Cond: (rec PO) & (not sent confirmation) & (not sent merchant cancel) & (not rec cust cancel or sent cancel rejected) Msg: send invoice Cond: (sent confirmation) & (not sent invoice) & (not sent merchant cancel) & (not rec cust cancel or sent cancel rejected)

10 10 The CeNTIE project is supported by the Australian Government through the Advanced Networks Program of the Department of Communications, Information Technology and the Arts. Rec: Cust Cancel Req Cond: … Send: Cancel Ack Cond: … Rec: Cust Cancel Req Cond: … Send: Cancel Ack Cond: … Send: Cancel reject Cond: … Send: Provider Cancel Cond: … Rec: Provider Cancel Ack Cond: … Rec: Quote Req Cond: … Send: Quote Cond: … Rec: Purchase Order Cond: … Send: Confirmation Cond: … …….. ……… Send: Reject Quote Cond: … Rules based approach Downside: Specification becomes too fragmented –Lose the ordering properties, making it hard to visualise

11 11 The CeNTIE project is supported by the Australian Government through the Advanced Networks Program of the Department of Communications, Information Technology and the Arts. Hybrid Approach A service contract is best specified as a set of message flows –Conditions define the relationship between the flows –We have successfully specified a number endpoint contracts

12 12 The CeNTIE project is supported by the Australian Government through the Advanced Networks Program of the Department of Communications, Information Technology and the Arts. Rec Quote Req Send Quote Cond: … Rec Purchase Order Cond: … Send Confirmation Cond: … …….. ……… Rec Cust Cancel Req Cond: … Send Cancel Ack Cond: … Send Cancel Reject Cond: … Send Provider Cancel Cond: Rec Provider Cancel Ack Cond:

13 13 The CeNTIE project is supported by the Australian Government through the Advanced Networks Program of the Department of Communications, Information Technology and the Arts. Features Succinct compared to workflow languages when dealing with asynchronous messaging behaviour Is more expressive than message exchange patterns (MEPS) Sufficient information to derive whether an application maintains consistency

14 14 The CeNTIE project is supported by the Australian Government through the Advanced Networks Program of the Department of Communications, Information Technology and the Arts. Verifying Consistency Consistency Properties –Always eventually terminate, agreed final termination messaging state, no message sent or received after termination. Manual verification is too labour intensive and time consuming Automated verification? –Requirements for verification tool Support temporal logic to express consistency properties –Always, eventually, … Describe endpoint contracts Reason about the connection

15 15 The CeNTIE project is supported by the Australian Government through the Advanced Networks Program of the Department of Communications, Information Technology and the Arts. Verification Tools Model checkers –SPIN, … –Initial motivation was to learn about asynchronous application protocol design Just how hard or easy is it to design application protocols We have used SPIN to specify endpoint contracts and consistency properties –Successfully verified a number of use cases Ordering a book, payment, … –Used the hybrid approach in specifying endpoint contracts

16 16 The CeNTIE project is supported by the Australian Government through the Advanced Networks Program of the Department of Communications, Information Technology and the Arts. Using Model Checkers Showed the hybrid method is viable –Model checking code reflects the hybrid approach in modeling endpoint contract Showed viability of using tools to verify consistency Designing application protocol was difficult due to asynchronous messaging behaviour –Too many possible sequences of message exchange –Adopted a termination protocol similar to WS- BusinessActivity Added a transition

17 17 The CeNTIE project is supported by the Australian Government through the Advanced Networks Program of the Department of Communications, Information Technology and the Arts. Limitations Hybrid approach for specifying endpoint contracts does not scale for complex multistage application protocols –One strategy is to reach intermediate agreement However, we need to solve the composition problem Even worse with multiple parties Model checker limits –State space explosion as model checkers rely on a brute force search

18 18 The CeNTIE project is supported by the Australian Government through the Advanced Networks Program of the Department of Communications, Information Technology and the Arts. What Now Find a more abstract, succinct with sufficient expressiveness to model endpoint contracts Find other tools for automate or semi- automated verification Experience in application protocol design can be documented as patterns –But we first need to gain experience in designing complex multi-party application protocols

19 19 The CeNTIE project is supported by the Australian Government through the Advanced Networks Program of the Department of Communications, Information Technology and the Arts. Conclusion Consistency properties for service oriented systems can be defined in terms of messaging state Asynchronous messaging behaviour is unavoidable in service oriented systems The simplest method for modeling endpoint contracts is to use the hybrid approach –A set of message flows and with conditions We can use model checkers to automate verification –Define consistency properties in temporal logic

Download ppt "1 The CeNTIE project is supported by the Australian Government through the Advanced Networks Program of the Department of Communications, Information Technology."

Similar presentations

WS Choreography v.0-1 Overview This is work-in-progress David Burdett, Commerce One 18 June 2003.

WS Choreography v.0-1 Overview This is work-in-progress David Burdett, Commerce One 18 June 2003.
The Next Generation Messaging Technology - Makes Web Services Effective Maria E Orlowska The University of Queensland School of ITEE Australia.

The Next Generation Messaging Technology - Makes Web Services Effective Maria E Orlowska The University of Queensland School of ITEE Australia.
Johnb DFDs and Design John Bell The DeMarco notation.

Johnb DFDs and Design John Bell The DeMarco notation.
Automatic Verification Book: Chapter 6. What is verification? Traditionally, verification means proof of correctness automatic: model checking deductive:

Automatic Verification Book: Chapter 6. What is verification? Traditionally, verification means proof of correctness automatic: model checking deductive:
PROTOCOL VERIFICATION & PROTOCOL VALIDATION. Protocol Verification Communication Protocols should be checked for correctness, robustness and performance,

PROTOCOL VERIFICATION & PROTOCOL VALIDATION. Protocol Verification Communication Protocols should be checked for correctness, robustness and performance,
Temporal Logic and the NuSMV Model Checker CS 680 Formal Methods Jeremy Johnson.

Temporal Logic and the NuSMV Model Checker CS 680 Formal Methods Jeremy Johnson.
Describing Process Specifications and Structured Decisions Systems Analysis and Design, 7e Kendall & Kendall 9 © 2008 Pearson Prentice Hall.

Describing Process Specifications and Structured Decisions Systems Analysis and Design, 7e Kendall & Kendall 9 © 2008 Pearson Prentice Hall.
MIS 325 PSCJ. 2  Business processes can be quite complex  Process model: any abstract representation of a process  Process-modeling tools provide a.

MIS 325 PSCJ. 2  Business processes can be quite complex  Process model: any abstract representation of a process  Process-modeling tools provide a.
QAD EDI Part II Enterprise Material Transfer [EMT]

QAD EDI Part II Enterprise Material Transfer [EMT]
1 Introduction to Computability Theory Lecture12: Reductions Prof. Amos Israeli.

1 Introduction to Computability Theory Lecture12: Reductions Prof. Amos Israeli.
Database Replication techniques: a Three Parameter Classification Authors : Database Replication techniques: a Three Parameter Classification Authors :

Database Replication techniques: a Three Parameter Classification Authors : Database Replication techniques: a Three Parameter Classification Authors :
A New Computing Paradigm. Overview of Web Services Over 66 percent of respondents to a 2001 InfoWorld magazine poll agreed that Web services are likely.

A New Computing Paradigm. Overview of Web Services Over 66 percent of respondents to a 2001 InfoWorld magazine poll agreed that "Web services are likely.
Model Checking. Used in studying behaviors of reactive systems Typically involves three steps: Create a finite state model (FSM) of the system design.

Model Checking. Used in studying behaviors of reactive systems Typically involves three steps: Create a finite state model (FSM) of the system design.
CSCI 4550/8556 Computer Networks Comer, Chapter 3: Network Programming and Applications.

CSCI 4550/8556 Computer Networks Comer, Chapter 3: Network Programming and Applications.
Business Process Orchestration

Business Process Orchestration
Software Engineering, COMP201 Slide 1 Protocol Engineering Protocol Specification using CFSM model Lecture 30.

Software Engineering, COMP201 Slide 1 Protocol Engineering Protocol Specification using CFSM model Lecture 30.
Mobile and Wireless Computing Institute for Computer Science, University of Freiburg Western Australian Interactive Virtual Environments Centre (IVEC)

Mobile and Wireless Computing Institute for Computer Science, University of Freiburg Western Australian Interactive Virtual Environments Centre (IVEC)
---Confidential 1 Order Management Training. ---Confidential 2 Introduction Three cycles in Oracle Applications Plan to make. Order to cash Procure to.

---Confidential 1 Order Management Training. ---Confidential 2 Introduction Three cycles in Oracle Applications Plan to make. Order to cash Procure to.
Sharif University of Technology Session # 7.  Contents  Systems Analysis and Design  Planning the approach  Asking questions and collecting data 

Sharif University of Technology Session # 7.  Contents  Systems Analysis and Design  Planning the approach  Asking questions and collecting data 
Gursharan Singh Tatla Transport Layer 16-May-2011 1

Gursharan Singh Tatla Transport Layer 16-May

Similar presentations

Ads by Google